The latest strain of ransomware — GIBON — is making the rounds; make sure your business knows how to protect against it.


Ransomware is now a household name, and there’s no going back. Even though cybercriminals have been using ransomware for years now, it wasn’t until the global Wanna Cry attack earlier this year that awareness reached critical mass – but that was just the beginning.

A new ransomware strain known as “GIBON” was discovered last week as a part of otherwise conventional phishing campaigns. Hidden in emails, GIBON is distributed via macros that are downloaded and executed on the victim’s computer. Named for a particular user string that it uses when connecting to the target’s command-and-control server, GIBON targets and encrypts every file on the computer regardless of extension. Once complete, all files are left encrypted unless the victim pays the ransom.

Even more worrying, some suspect that this strain of ransomware may be Russian-made, given that its logo is based on that of a Russian television company, and that Russian email addresses are to be used to make the ransom payment. At the moment, it is not known how much the ransom is.

However, as with any strain of ransomware, there are a few key steps you and your employees can take to protect your business:

  • Be suspicious of emails and attachments from people or companies that you don’t do business with, as most ransomware infections arrive via infected word/xls/zip/exe files.
  • Backup your data on-site and off-site, and test your backups regularly.
  • Create a plan for getting infected, and regularly test your plan.
  • Consult with trusted cybersecurity and IT professionals.

Remember – you don’t have to do this alone. PNJ Technology Partners will help you set up robust backup solutions, develop cybersecurity response strategies, and help you protect against threats like GIBON.

For more information about GIBON and how to protect against it, contact the PNJ Technology Partners team at (518) 459-6712 or